For Fed CIOs and IT vendors, IPv6 checklist time is now

Whether you are a federal Chief Information Officer, or an information technology vendor selling networking gear to federal agencies, one thing is for certain: the new IPv6 implementation guidelines recently issued by the Office of Management and Budget have brought a new urgency to the need to make networks compliant with the new Internet protocol. And one of the top experts who helped shape that protocol has some advice for both sides of the IT equation.

Two weeks ago, Federal chief information officer Vivek Kundra, took the wraps off of a new OMB directive, outlining deadlines and milestones by which federal computer networks must be fully compliant with the IPv6 internet technical protocol.

The reason is clear: the people who manage the technical backbone of the internet say they are quickly running out of IP addresses — the numeric, digital “name” for each device operating on the network — using the original network protocol, Ipv4.

Advertisement

Computer experts have developed Ipv6, a new protocol that includes a trillion-trillion- trillion possible addresses, with plans for a transition involving both protocols. But Internet address registrars speaking at a recent IPv6 workshop held in Washington, and sponsored by the National Telecommunications and Information Administration, say that they will exhaust the available pool of the old-protocol Internet addresses by 2011.

“Hopefully, most users won’t notice it. We’re doing our job if it is un-noticeable to the end-user. ”

Winters is one of the managers at the UNH lab that does both testing and certification of computer networking gear, including the switches and routers that are the hardware backbone of the Internet. In recent years, his primary focus has been IPv6 equipment, including developing testing regimens and specifications for such equipment on federal IT networks.

As one of the Internet technical experts who has helped carve out the path to the IPv6 transition, Winters tells Federal News Radio that the OMB IPv6 directive is “the government pushing forward and being proactive about getting IPv6 out there and deployed. For them, its giving their networks longevity.”

Winters explains that it’s all about the federal government making its internet content and resources available not only to more traditional users, but to the next generation of users of mobile devices, all of which will be able to have their own unique and discrete internet addresses using the IPv6 numbering scheme.

In some ways, some IT experts have likened the looming depletion of IPv4 internet addresses to the “Year 2000″ IT crisis, when the change to a new decade unveiled an deficiency in the programming of computers worldwide. That shortcoming triggered a panic in the IT community, but few of the disastrous effects forecast came to pass.

In the same way, Winters says the depletion of IPv4 internet addresses won’t bring the global network crashing down, but instead will have the effect of slowing its growth and making some resources on the newer network protocol unavailable in places if not properly addressed. And Winters adds that it will be better if network administrators do all they can now to get their networks ready for IPv6.

“Moving to IPv6 is important,” he explains, “so it’s a smoother transition than fighting uphill, trying to find different ways to extend this. It’s almost like putting a band aid on the problem.”

Pete Tseronis at the Department of Energy, who chairs the federal CIO Council’s IPv6 Task Force, said in the weeks to come, he will be making the rounds of agencies to get a sense of where the government is with its transition to IPv6.

Winters was asked what advice he has for an agency CIO who needs help complying with the OMB IPv6 mandate.

They should go look at the USGv6 test profile, and the biggest thing is, when they are purchasing equipment today, to make sure that it can do IPv6, so when they are ready to make their transition plan, and to execute it, that they have the equipment available to them that supports it. If it doesn’t right now, you have to be asking those vendors, ‘When will you support these things I need on my network?’

For network equipment vendors selling IPV6 gear to the government, Winters’s says companies should also turn to the USGv6 checklist.

“What the test program is all about is buyers marking down what they want from IPv6. You mark off IPSEC for security, I want IPv6, and I want to use DHCP, and I want my router to do OSPF. And you put that out, and the vendors can reply, ‘This is what my box does’, and they hand you a sheet through the USG program.”

Winters advises that vendors speak to IT buyers, and ask about the features they expect to check off, and ask what features they will be expected to support.

At the IPv6 workshop, some attendees were concerned that as the deadline draws near for the depletion of ipv4 addresses, both the public and private sector will be competing for the networking equipment needed for compliance. With about 50 companies now testing their IPv6 equipment at the UNH networking labs, I asked Winters if industry is prepared to meet the potential demand.

A lot of companies have had this on their roadmap, and moved it up. UNH-IOL has been certified to do the USG test program, so we’ve been working with a lot of vendors who have been coming in and getting their products certified. A lot of the basic stuff has been going very, very well.

Winters goes on to acknowledge that they have experienced some difficulties in testing some equipment when it comes to security considerations. Some of the security-related issues involving current development and testing of products for IPv6 compliance have to do with devices like switches, and printers, and other peripherals that never used to have security considerations. Now that Ipv6’s massive address structure will make it possible to address even the smallest computer peripheral, Winters concludes insuring security within an IPv6 environment becomes more important than ever.